]> git.armaanb.net Git - opendoas.git/blobdiff - doas.c
projects / opendoas.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
import sys-tree.h from openssh-portable
[opendoas.git] / doas.c
diff --git a/doas.c b/doas.c
index cceeac17d07317224bb396a420e2204ee168cb13..ee1b341f7ba8b9eb13426a5dd16a70568a642805 100644 (file)
--- a/doas.c
+++ b/doas.c
@@ -32,7 +32,6 @@
 #include "includes.h"
 
 #include "doas.h"
-#include "version.h"
 
 static void __dead
 version(void)
@@ -191,112 +190,15 @@ parseconfig(const char *filename, int checkperms)
                exit(1);
 }
 
-/*
- * Copy the environment variables in safeset from oldenvp to envp.
- */
-static int
-copyenvhelper(const char **oldenvp, const char **safeset, size_t nsafe,
-    char **envp, int ei)
-{
-       size_t i;
-
-       for (i = 0; i < nsafe; i++) {
-               const char **oe = oldenvp;
-               while (*oe) {
-                       size_t len = strlen(safeset[i]);
-                       if (strncmp(*oe, safeset[i], len) == 0 &&
-                           (*oe)[len] == '=') {
-                               if (!(envp[ei++] = strdup(*oe)))
-                                       err(1, "strdup");
-                               break;
-                       }
-                       oe++;
-               }
-       }
-       return ei;
-}
-
-static char **
-copyenv(const char **oldenvp, struct rule *rule)
-{
-       const char *safeset[] = {
-               "DISPLAY", "HOME", "LOGNAME", "MAIL",
-               "PATH", "TERM", "USER", "USERNAME",
-               NULL
-       };
-       const char *badset[] = {
-               "ENV",
-               NULL
-       };
-       char **envp;
-       const char **extra;
-       int ei;
-       size_t nsafe, nbad;
-       size_t nextras = 0;
-
-       /* if there was no envvar whitelist, pass all except badset ones */
-       nbad = arraylen(badset);
-       if ((rule->options & KEEPENV) && !rule->envlist) {
-               size_t iold, inew;
-               size_t oldlen = arraylen(oldenvp);
-               envp = reallocarray(NULL, oldlen + 1, sizeof(char *));
-               if (!envp)
-                       err(1, "reallocarray");
-               for (inew = iold = 0; iold < oldlen; iold++) {
-                       size_t ibad;
-                       for (ibad = 0; ibad < nbad; ibad++) {
-                               size_t len = strlen(badset[ibad]);
-                               if (strncmp(oldenvp[iold], badset[ibad], len) == 0 &&
-                                   oldenvp[iold][len] == '=') {
-                                       break;
-                               }
-                       }
-                       if (ibad == nbad) {
-                               if (!(envp[inew] = strdup(oldenvp[iold])))
-                                       err(1, "strdup");
-                               inew++;
-                       }
-               }
-               envp[inew] = NULL;
-               return envp;
-       }
-
-       nsafe = arraylen(safeset);
-       if ((extra = rule->envlist)) {
-               size_t isafe;
-               nextras = arraylen(extra);
-               for (isafe = 0; isafe < nsafe; isafe++) {
-                       size_t iextras;
-                       for (iextras = 0; iextras < nextras; iextras++) {
-                               if (strcmp(extra[iextras], safeset[isafe]) == 0) {
-                                       nextras--;
-                                       extra[iextras] = extra[nextras];
-                                       extra[nextras] = NULL;
-                                       iextras--;
-                               }
-                       }
-               }
-       }
-
-       envp = reallocarray(NULL, nsafe + nextras + 1, sizeof(char *));
-       if (!envp)
-               err(1, "can't allocate new environment");
-
-       ei = 0;
-       ei = copyenvhelper(oldenvp, safeset, nsafe, envp, ei);
-       ei = copyenvhelper(oldenvp, rule->envlist, nextras, envp, ei);
-       envp[ei] = NULL;
-
-       return envp;
-}
-
 static void __dead
 checkconfig(const char *confpath, int argc, char **argv,
     uid_t uid, gid_t *groups, int ngroups, uid_t target)
 {
        struct rule *rule;
 
-       setresuid(uid, uid, uid);
+       if (setresuid(uid, uid, uid) != 0)
+               err(1, "setresuid");
+
        parseconfig(confpath, 0);
        if (!argc)
                exit(0);
@@ -312,7 +214,7 @@ checkconfig(const char *confpath, int argc, char **argv,
 }
 
 int
-main(int argc, char **argv, char **envp)
+main(int argc, char **argv)
 {
        const char *safepath = "/bin:/sbin:/usr/bin:/usr/sbin:"
            "/usr/local/bin:/usr/local/sbin";
@@ -334,6 +236,7 @@ main(int argc, char **argv, char **envp)
        int vflag = 0;
        char cwdpath[PATH_MAX];
        const char *cwd;
+       char **envp;
 #ifdef HAVE_BSD_AUTH_H
        char *login_style = NULL;
 #endif
@@ -438,6 +341,10 @@ main(int argc, char **argv, char **envp)
                errc(1, EPERM, NULL);
        }
 
+       pw = getpwuid(target);
+       if (!pw)
+               errx(1, "no passwd entry for target");
+
 #ifdef HAVE_BSD_AUTH_H
        if (!(rule->options & NOPASS)) {
                if (nflag)
@@ -472,9 +379,8 @@ main(int argc, char **argv, char **envp)
                explicit_bzero(rbuf, sizeof(rbuf));
        }
 #elif HAVE_PAM_APPL_H
-       if (!doas_pam(myname, !nflag, rule->options & NOPASS)) {
-               syslog(LOG_AUTHPRIV | LOG_NOTICE,
-                               "failed auth for %s", myname);
+       if (!doas_pam(pw->pw_name, myname, !nflag, rule->options & NOPASS)) {
+               syslog(LOG_AUTHPRIV | LOG_NOTICE, "failed auth for %s", myname);
                errc(1, EPERM, NULL);
        }
 #else
@@ -485,14 +391,19 @@ main(int argc, char **argv, char **envp)
        if (pledge("stdio rpath getpw exec id", NULL) == -1)
                err(1, "pledge");
 
-       pw = getpwuid(target);
-       if (!pw)
-               errx(1, "no passwd entry for target");
-
+#ifdef HAVE_BSD_AUTH_H
        if (setusercontext(NULL, pw, target, LOGIN_SETGROUP |
            LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETUMASK |
            LOGIN_SETUSER) != 0)
                errx(1, "failed to set user context for target");
+#else
+       if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) != 0)
+               errx(1, "setgid");
+       if (initgroups(pw->pw_name, pw->pw_gid) != 0)
+               errx(1, "initgroups");
+       if (setresuid(target, target, target) != 0)
+               errx(1, "setuid");
+#endif
 
        if (pledge("stdio rpath exec", NULL) == -1)
                err(1, "pledge");
@@ -508,7 +419,7 @@ main(int argc, char **argv, char **envp)
        syslog(LOG_AUTHPRIV | LOG_INFO, "%s ran command %s as %s from %s",
            myname, cmdline, pw->pw_name, cwd);
 
-       envp = copyenv((const char **)envp, rule);
+       envp = prepenv(rule);
 
        if (rule->cmd) {
                if (setenv("PATH", safepath, 1) == -1)
Fork of OpenDoas that insults you